It's highly unlikely a fully physical key could be developed for a digital system that would have sufficient security not to be exploited by bad actors that have physical access to the device.
Given that it's likely that fully physical access is unlikely to be a necessity to make use of the backdoor. Thus it's fair to assume it could also be exploited (or used "legitimately" by law enforcement) remotely - even if it is primary intended to unlock the device they have seized it physically.
Backdoors of any description are simply impossible to implement securely.
> Thus it's fair to assume it could also be exploited remotely
When the data in question only resides on the physical device that is not a fair assumption at all.
An alternate OS that allows all 10,000 4-digit codes to be rapidly tried isn't a piece of magic that allows you to do anything you want. It has a very limited use.
Given that it's likely that fully physical access is unlikely to be a necessity to make use of the backdoor. Thus it's fair to assume it could also be exploited (or used "legitimately" by law enforcement) remotely - even if it is primary intended to unlock the device they have seized it physically.
Backdoors of any description are simply impossible to implement securely.